GCHQ: Lawyers don’t undermine cyber capabilities, they underpin them

Senior officials at Britain’s cyber and signals intelligence agency GCHQ published a rare article on Thursday defending the role of lawyers and legal frameworks for cyber operations amid an ongoing discussion about whether existing laws are providing an advantage to the West’s adversaries.

In particular, the article responds to an anonymous European intelligence official who argued in Binding Hook magazine that Western cyber capabilities are being constrained by stringent legal frameworks.

Specific operations aren’t detailed, but the author suggests how an agency focused on foreign intelligence might be prohibited from collecting “information from systems owned by the citizens of its country” as part of its normal course of duties.

“But what if, as Chinese and Russian cyber threat actors do, a system belonging to a citizen is being abused to route attack traffic through? Such an operational development is not foreseen, and thus not prescribed, by law. To collect information would then be illegal and require judicial overhaul – a process that can take years in a domain that can see modus operandi shift in a matter of days.”

The article cites numerous public complaints about a range of different kinds of oversight hampering the ability for security and intelligence agencies to be fully effective, including recently from two former heads of Germany’s foreign intelligence agency,

GCHQ’s response marks what has been a consistent argument by Britain’s cyber community — that cyber power can be exercised in a “responsible and democratic” way — and forms part of the agency’s growing efforts to contribute to public and academic discussions.

“We welcome this debate because, as the [anonymous European intelligence official] author points out, this view — or some version of it — has been expressed by various high-ranking officials over the years,” wrote GCHQ’s director of legal affairs, Shehzad Charania, and Neil M, one of the agency’s deputy directors.

These various high-ranking officials have included several from the United States, who, in the words of former NSA Director Michael Hayden, have “begged, cajoled, and pleaded” for the renewal of Section 702 of the U.S. Foreign Intelligence Surveillance Act (FISA) — a controversial electronic spying authority that the U.S. intelligence community says is vital for national security.

U.S. officials have warned that requiring additional oversight for FISA powers would undermine the capabilities it provides, but in their article the officials from GCHQ defend oversight as “a key part of what grants intelligence agencies their license to operate. It also provides the necessary confidence for operators to carry out their activities and is, therefore, far from an impediment.”